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DETAILED ACTION 

1 . The amendment of 29 May 2007 has been noted and made of record. 

2. Claims 1-15, 17 and 18 have been presented for examination. 

3. Claim 16 has been cancelled as per Applicant's request. 

Response to Arguments 

4. Applicant's arguments filed 29 May 2007 have been fully considered but they are not 
persuasive. 

5. Applicant's arguments on pages 7 and 8 regarding the prior art rejection of claims 1-15, 
17, and 18 fail to comply with 37 CFR 1 . 1 1 1 (b) because they amount to a general allegation that 
the claims define a patentable invention without specifically pointing out how the language of 
the claims patentably distinguishes them from the references. 

6. In response to the Applicant's arguments that the prior art does not disclose an 
interconnecting device, with an acquiring unit, acquires authentication information stored in an 
external recording device and transmits the authentication information to an authentication 
apparatus to perform authentication, the Examiner disagrees. As spelled out in the previous 
Office Action, as well as again below, Atkinson teaches an acquiring unit at the interconnecting 
device (gateway) that obtains user authentication information (published authentication keys) 
from the external recording device (central directory service). Therefore, the prior art rejection 
of claims 1-15, 17, and 18 is maintained. 

7. See further rejections that follow. 

Claim Rejections - 35 USC § 101 

8. 35 U.S.C. 101 reads as follows: 
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Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or 
any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and 
requirements of this title. 

9. Claims 13-15 are rejected under 35 U.S.C. 101 because the claimed invention is directed 
to non-statutory subject matter. The Applicant defines a computer-readable medium in 
paragraph 0061 of the specification stating, "the Internet may be used as the recording medium," 
thereby embodying the claimed program on carrier waves or signals. The Office's current 
position is that claims involving signals encoded with functional descriptive material do not fall 
within any of the categories of patentable subject matter set forth in 35 U.S.C. § 101, and such 
claims are therefore ineligible for patent protection. See 1300 OG 142 (November 22, 2005) (in 
particular, see Annex IV(c)). 

Claim Rejections - 35 USC § 102 

10. The text of those sections of Title 35, U.S. Code not included in this action can be found 
in a prior Office action. 

11. Claims 1, 4, 5, 7, 13, 17, and 18 are rejected under 35 U.S.C. 102(b) as being anticipated 
by U.S. Patent No. 5,51 1,122 to Atkinson et al., hereinafter Atkinson. 

12. As per claim 1, Atkinson discloses communication system that connects a first network 
and a second network for communication thereof, comprising: 

an interconnecting device (Figure 4, i.e. GW in subnet 1) connected to a communication 
device (Figure 4, i.e. Host A) of said first network; 

an authentication apparatus, positioned outside said interconnecting unit to isolate said 
first network from said second network (Figure 4 [block 116]), said authentication apparatus 
operable to perform authentication of authentication information of a user of said communication 
device received from said interconnecting device and thereby operable to control whether or not 
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communication between said first network and said second network is allowed (Figure 4 [blocks 
106, 1 10], column 1 1, lines 1-27); and 

an external recording device (column 12, lines 45-47, i.e. central directory) connected to 
said interconnecting device and operable to store authentication information of a user of said 
communication device (column 12, lines 45-47, i.e. central directory storing hosts' 
authentication keys), said authentication information being used for authentication of said user 
by said authentication apparatus, said authentication information being initially acquired from 
said recording device by said interconnecting device and then transmitted to said authentication 
apparatus to perform authentication (column 11, lines 9-16, column 12, lines 38-47, i.e. 
authentication keys used to generate digital signature which is authenticated by the intermediary 
apparatus), wherein said interconnecting device comprises: 

an acquiring unit operable to acquire said authentication information of said user of said 
communication device from said external recording device (Atkinson discloses that the terms 
gateway and intermediate router are interchangeable terms at column 9, lines 26-30. Atkinson 
further discloses at column 11, lines 9-14 that the intermediary router acquires the published to 
verify that the digital signature received is authentic. Finally at column 12, lines 45-47, Atkinson 
discloses that authentication keys (which are used to generate the digital signature used to 
authenticate the user) is published via a central directory service. Therefore, Atkinson teaches an 
acquiring unit at the interconnecting device (gateway) that obtains user authentication 
information (published authentication keys) from the external recording device (central directory 
service).); and 
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a transmit unit operable to transmit said authentication information acquired by said 
acquiring unit to said authentication apparatus (Figure 4 [blocks 16, 18, 100], column 9, lines 9- 
24, i.e. GW creates packets or fragments of authentication data and transmits to the intermediary 
device). 

13. As per claims 4 and 13, Atkinson discloses an interconnecting device for connecting a 
first network and a second network to enable communication between a first communication 
device of said first network and a second communication device of said second network, the 
interconnecting device comprising: 

an acquiring unit operable to acquire from a recording device, which is outside said 
interconnecting device, authentication information of a user of said first communication device 
for authentication of the user, by an authentication apparatus, which is outside said 
interconnecting device (Atkinson discloses that the terms gateway and intermediate router are 
interchangeable terms at column 9, lines 26-30. Atkinson further discloses at column 11, lines 9- 
14 that the intermediary router acquires the published to verify that the digital signature received 
is authentic. Finally at column 12, lines 45-47, Atkinson discloses that authentication keys 
(which are used to generate the digital signature used to authenticate the user) is published via a 
central directory service. Therefore, Atkinson teaches an acquiring unit at the interconnecting 
device (gateway) that obtains user authentication information (published authentication keys) 
from the external recording device (central directory service).), 

wherein said authentication apparatus is positioned to isolate said first network from said 
second network (Figure 4 [block 116]), said authentication apparatus operable to perform 
authentication of authentication information received from said interconnecting device and 
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thereby operable to control whether communication between said first network and second 
network is allowed (Figure 4 [blocks 106, 1 10], column 11, lines 1-27); and 

a transmit unit connected to said acquiring unit and operable to transmit said 
authentication information received by said acquiring unit to said authentication apparatus 
(Figure 4 [blocks 16, 18, 100], column 9, lines 9-24, i.e. GW creates packets or fragments of 
authentication data and transmits to the intermediary device); 

wherein said interconnecting device (Figure 4 [block 18], i.e. GW in subnet 1) is located 
between said first communication device (Figure 4 [block 10], i.e. host A) and said 
authentication apparatus (Figure 4 [blocks 106, 116]). 

14. Regarding claim 5, Atkinson teaches wherein said acquiring unit comprises a reading unit 
operable to read said authentication information from a non-volatile memory that comprises said 
recording device storing said authentication information (column 12, lines 45-47, i.e. Atkinson 
discloses that the authentication information is published on a central directory service, which is 
a computing device that comprises non-volatile memory). 

15. Regarding claim 7, Atkinson discloses wherein said acquiring unit further acquires 
identification information of said authentication apparatus from said recording device (Atkinson 
discloses that the terms gateway and intermediate router are interchangeable terms at column 9, 
lines 26-30. Atkinson further discloses at column 11, lines 9-14 that the intermediary router 
acquires the published to verify that the digital signature received is authentic. Finally at column 
12, lines 45-47, Atkinson discloses that authentication keys (which are used to generate the 
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digital signature used to authenticate the user) is published via a central directory service. 
Therefore, Atkinson teaches an acquiring unit at the interconnecting device (gateway) that 
obtains user authentication information (published authentication keys) from the external 
recording device (central directory service).), and said transmit unit transmits said authentication 
information to said authentication apparatus (Figure 4 [blocks 16, 18, 100], column 9, lines 9-24, 
i.e. GW creates packets or fragments of authentication data and transmits to the intermediary 
device). 

16. Regarding claim 17, Atkinson discloses wherein said authentication (Figure 4 [blocks 
106, 116]) is located between said interconnecting device (Figure 4 [block 18], i.e. GW in subnet 
1) and said communication device (Figure 4 [blocks 52, 54], i.e. host B). 

17. Regarding claim 18, Atkinson discloses wherein said first interconnecting device (Figure 
4 [block 18], i.e. GW in subnet 1) prevents said first communication device (Figure 4 [block 10], 
i.e. host A) from directly transmitting authentication information to said second interconnecting 
device (Figure 4 [blocks 106, 116], i.e. all communication from host A must go through GW in 
subnet 1). 

Claim Rejections - 35 USC § 103 

18. The text of those, sections of Title 35, U.S. Code not included in this action can be found 
in a prior Office action. 

19. Claims 2, 3, 6, 8, and 14 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Atkinson in view of U.S. 6,934,745 to Krautkremer, hereinafter Krautkremer. 
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20. Regarding claims 2, 3, 8, and 14, Atkinson discloses wherein said second interconnecting 
device includes a receive unit operable to receive said authentication information from said 
interconnecting device (Figure 4 [blocks 34], column 11, lines 19-27, GW in subnet 2 receives 
packets/fragments with digital signature]); an authentication unit connected to said receive unit 
and operable to authenticate said authentication information received by said receive unit (Figure 
4 [blocks 124], column 1 1, lines 19-27, i.e. the authentication process may be repeated by each 
intermediary router or gateway); 

21 . Atkins does not teach a setting unit connected to said authentication unit and operable to 
allow communication between said first communication device and said authentication apparatus 
when the authentication by said authentication unit is successful; wherein said acquiring unit of 
said first interconnecting device is further operable to acquire bandwidth information from said 
external recording device; said transmit unit of said first interconnecting device is further 
operable to transmit said bandwidth information acquired by said acquiring unit to said 
authentication apparatus; said receive unit of said authentication apparatus is further operable to 
receive said bandwidth information from said first interconnecting device; and said setting unit 
of said authentication apparatus is further operable to set a communication bandwidth between 
said first communication device and said authentication apparatus based on said bandwidth 
information. 

22. Krautkremer discloses a setting unit connected to said authentication unit and operable to 
allow communication between said first communication device and said authentication apparatus 
when the authentication by said authentication unit is successful; wherein said acquiring unit of 
said first interconnecting device is further operable to acquire bandwidth information from said 
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external recording device; said transmit unit of said first interconnecting device is further 
operable to transmit said bandwidth information acquired by said acquiring unit to said 
authentication apparatus; said receive unit of said authentication apparatus is further operable to 
receive said bandwidth information from said first interconnecting device; and said setting unit 
of said authentication apparatus is further operable to set a communication bandwidth between 
said first communication device and said authentication apparatus based on said bandwidth 
information (Figures 1 [blocks 50, 61, 62] , 2, 3, 4 [blocks 50, 61, 62], 5 [blocks 50, 61, 62], 
column 4, line 12 to column 5, line 23, column 10, lines 28-60). 

23. It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to receive the client authentication data and configure the bandwidth for the 
connection between the two communicating devices, since Krautkremer states at column 2, line 
56 to column 3, line 10 that such a modification would offer real-time monitoring, measurement 
and control of performance over the network. It would also allow providers to configure and 
maintain the network from a central location. 

24. Regarding claim 6, Atkinson does not teach wherein said acquiring unit includes a 
receive unit operable to perform wireless communication with a wireless communication device 
that comprises said recording device storing said authentication information, and to receive said 
authentication information from said wireless communication device by the wireless 
communication. 

25. Krautkremer discloses wherein said acquiring unit includes a receive unit operable to 
perform wireless communication with a wireless communication device that comprises said 
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recording device storing said authentication information, and to receive said authentication 
information from said wireless communication device by the wireless communication (column 8, 
lines 36-48). 

26. It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to use wireless communications, since Krautkremer states at column 2, line 56 to 
column 3, line 10 that such a modification would offer a solution to circumvent traffic over 
hardwired lines of communication. It has also been held that it only requires routine skill in the 
art to make a device portable. See MPEP § 2144.04; see also In re Lindberg, 194 F.2d 732, 735, 
93 USPQ 23,26 (CCPA 1952). 

27. Claims 9-12 and 15 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Atkinson in view of U.S. Patent No. 6,005,939 to Fortenberry et al., hereinafter Fortenberry. 

28. Regarding claims 9 and 1 5, Atkinson does not teach a decryption unit connected to said 
acquiring unit and operable to decrypt encrypted authentication information. 

29. Fortenberry discloses a decryption unit connected to said acquiring unit and operable to 
decrypt encrypted authentication information (column 6, lines 15-24, column 52-63). 

30. It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to include a decryption unit to decrypt any authentication information that may be 
encrypt, since one of ordinary skill in the art would recognize the need to decrypt the 
authentication information before it was usable in generating the digital signature and Atkinson 
discusses encrypting authentication information at column 12, line 62 to column 13, line 8. 
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3 1 . Regarding claims 10-12, Atkinson does not teach a processing unit connected to said 
transmit unit and operable to determine whether or not said authentication apparatus is allowed 
to authenticate the user, wherein said transmit unit transmits said authentication information to 
said authentication apparatus when said processing unit determines that said authentication 
apparatus is allowed to authenticate the user. 

32. Fortenberry discloses a processing unit connected to said transmit unit and operable to 
determine whether or not said authentication apparatus is allowed to authenticate the user, 
wherein said transmit unit transmits said authentication information to said authentication 
apparatus when said processing unit determines that said authentication apparatus is allowed to 
authenticate the user (column 6, lines 7-14, column 8, lines 7-14). 

33. It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to provide a determination of whether the intermediary device is allowed to perform 
the authentication procedure, since Fortenberry states at column 1, lines 55-58 that such a 
modification provides for a consistent, secure, and redundancy free technique for performing 
user authentication. 

Conclusion 

34. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Christian La Forgia whose telephone number is (571) 272-3792. 
The examiner can normally be reached on Monday thru Thursday 7-5. 

35. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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36. Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



Christian LaForgia 
Patent Examiner 
Art Unit 2131 




